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(57) Abstract 

Digital content such as text, video, and music arc stored as part of a compressed and encrypted data file, or object, at a client 
computer such as a personal home computer. The content is inaccessible to a user until a payment or use authorization occurs. Payment 
or use authorization occurs via a real-time, transparent authorization process whereby the user enters account or use data at the client 
computer the account or use data is transmitted to a payment server computer, the account or use data is preprocessed at the payment 
server computer and if payment information is required and is present, the payment information is transmitted to a payment authorization 
center The payment authorization center approves or rejects the payment transaction, and bills the corresponding account The authonzauon 
center then transmits an authorization signal to the payment server computer indicating whether the transaction was approved and if not, 
which information was deficient. In response, the payment server computer transmits a token to the client computer, and if the token 
indicates approval, an installation process is initiated at the client computer whereby the object is acuvated and locked to the particular 
client computer. The object can be reopened and reused at any time on that particular computer. If the object is transmitted or copied to a 
different computer, the required payment or use information must again be tendered for access to the content 
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REGULATING ACCESS TO DIGITAL CONTENT 



Background 

This invention relates to regulating access to an object containing digital 
information or content stored at a client computer. 
5 Content traditionally has been packaged in physical form, and physically 

delivered from one point to another. For example, ihe stories and images contained 
in most morning newspapers are arranged in electronic form, on computers, but the 
newspapers are published in printed form and delivered to the subscribers' 
doorsteps by newspaper carriers. Business documents that need to be delivered to 
10 an associate or customer often are placed in an envelope and delivered by an 
overnight express service to their destination. 

Computer networks, including public switched networks using 
Transmission Control Protocol/Internet Protocol (TCP/IP) such as the Internet, 
represent a potentially economical and efficient conduit for the electronic delivery 
15 of content Digital files including text, graphics, sound, video, or any number of 
media formats can be created, and stored electronically, and delivered from one 

point to another via a network. 

Applications for transfer of content via computer networks have 
proliferated in recent years, in part due to the popularity of the Internet. For 
20 example, one widely used application is electronic mail ("email"), a messaging 
protocol for the delivery of text-based messages from one user to another. An 
email message also can include attachments, which are files that the sending party 
selected and designated for delivery along with the email message. 

Another application, the Internet browser, provides a mechanism for 
25 viewing World Wide Web ("Web") pages. Web pages are multimedia files written 
in a hypertext format, for example, utilizing the hypertext mark-up language 
(HTML), and stored at server computers ("Web servers") on the Internet. A Web 
server responds to a request from a client to view a Web page by downloading the 
. appropriate file to the client. The file is displayed by the client's browser, and 
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usually is stored in the cbenfs each, directory and/or memory along with omer 
recent* accessed Web page files. Each dme a «s« a. *e die* computer w.shes 
«, view a new Web page, ft. user must enter ft. address, or Uniform Resource 
Locator (URL) of the „.e corresponding to the Web page, or se.ee, a hypertext Unk 
5 corresponding to the URL of ft* page. Tne cUen. ften W tan ft. W* 
server the fi.e a, ft. designate* URL, and the server deUvers this file to the cuen 
Because content often is produced origmal.y in digital form, a potent*! 
^ arisen for the producers of such content ft seU directiy ft their customers, 
without the need for physical production or a dilution chain, or ftird-pariy sa.es 
,0 intermediaries such asters. For examp.e, auftors or puHish^s may offer the. 
books for sale in digUa. form on the Internet, for immedtate download by 
customers, without incurring the cos, of printing and dismbuting the book . paper 
form Likewise, newspaper publishers could deliver their daily content 
etectronically, to the user's home computer desktop, instead of in paper form to 
,5 their doorstep, and music producers could sell their recordings online wtthou. 
prod ucmg and distributing tapes or compact disk, Electronic distribution could 
in cos. savings to the consumer and increased profitability to the content 
producer, due to the reduction in printing and distribution costs. 

In an election* delivery or distribution scheme, a baseline requuemcn. 
20 is that content producers or sel.ers must have a way to regulate access to thetr 
product, for example, by first reccving payment before making ft. content 
accessible. Furthermore, since digital files are extremely easy to copy and 
debute, sellers and producers have an interest in lockmg or encrypting the files 
containing the content, so as to limit access to those who have patd for ,.. 
25 The efficacy and desirability of delivering and receiving content vta a 

computer network such as the Interne, is determined by several additional factors. 
For example, the speed and capacity of the server and client computers, and the 
communion link therebetween, may significant* affec. content delivery and 
sometimes prohibit, as a practical matter, delivery of certatn media formats. Tne 
30 speed of file transfer is affected by, among other things, me bandwidth of the 
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* , Utt „\:~nt the traffic on the network at 
commumcanom link between the server and the cbe»t,the tram 

, ,. ■ .„f.t,,.fiWs) to be transferred. While smalt, 
,he time of file transfer, and the sue of the ffle(s) to tw 

networks, other file types, such as multimedia fi.es confining graphtcsor -* 
5 can be ouite large and therefore may take significantly longer time to dehver ms 
5 can be quire b „,„,„,„— which usually have a relatively 

is particularly true of delivery to home computers, winch usua, y 

, , ^tm and standard telephone line) to the 

low-bandwidth connection (eg. a modem ana stanoar 

network Also, memory capacities, including Dynamic Random Access Memory 
(DRAM) and disk space, can limit the size and complexity of files that can be 
10 executed and stored by a client or server computer. 

Factors associated with manning a network connection also may 
^t the desirability of electee content delivery, particularly from the stiuidpoin, 
of me client For example, most Web sites cons* of multiple pages mcludmg 
£1 links to related pages a, the same server, and to other Web sitesloca^ 
, 5 aLer servers. When browsing, or jumping from page to page, on the Web, an 
internet connection should be maintain* continuously, because each file ,s 
accessed by a separate reouest from the client. Maintaining a connection can be 
Lvenient because i, may tie up the user, telephone line the —nay be 
slow quiring me user periodically to wait for the next page to be do—, 
20 or the connection may terminate unexpectedly before me user has completed 

viewrng the document. Moreover, some .nteme, access providers charge enters 
baS ed on connection time, so maintaining a connection over a long penod of tune 

can become expensive. 

Yet another factor associated with electronic content dehvery is the level 

2 5 of privacy protection afforded the sending and receiving parties. For example. 
d Lnic Lumen. undergomg transmit may contain confidential bustn^ 
information, thus users may be reluct, to deliver such documents over a computer 
network for fear mat the document may be intercepted by a third party, ether 
intentionally or unintentionally. A message sen, via a packet-swi.ch.ng network 
,0 such as the Interne, passes through many different computed on me network, 
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nodes, on the way to its final destination. The message potential* cou.d be 

nf tK ___ no dejL or at the final destination, 
intereented at any one of these noaes, w « «. 

Also Lportant for content delivery - *° and ease of use 

or interfaces presented to the user for interacting with the colter or other 
oonu.t-providingvehide. In the physical worid, interfaces are unportan, for a 
I" of purpl A newspaper, for examp.e, is arranged to have - aesthetically 
vanety purpo md ^ ^ on e page 

fcc manners in which separa* physical documents are arranged and deuvered. 

, When sending physical documents, for example, re.afcd document often are 
grouped by paperclip or s*p.e, or by packaging b. an envelope. Ldce 
world, in the digital en—, usurg a network for sen<hng a document, 
living a document, viewing a document paying for a document, or guesting 
p^o n to access a d— al, may be con.ol.ed through user — 

5 The properties and characteristics of the particular in,erface(s, used w,U affect the 
desirability of conducting such operations electrontcally. 

Summary 

Access to digital content is regulated by the mechanisms described 
herein, based on, for example, proper payment or other authorization informal 
20 submit by a user or computer process, 
combinations of the following features. 

Objects embodying digital content (such as newspaper text, executab. 
computer programs, or mustc, are arranged tn a forma, for electronic delivery, the 
format comprising an encrypted, compressed, parsed daU stiing winch mcludes the 
25 files containing the content, a utuque coded Key corresponding the ob,ecu an 
^ authorization form, and a setup file. The data string a.so may tnclude 
apptications necessary for viewing the conten, such as browsers or vewers. The 
object may be copied and traced freely berween computers. For example, a 
merchant server on the Interne, may advertise objects representing newspapers or 
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^es available for delivery to client compos. Users * Cent corners 
Z download a, object using, for example, P* « <™ « — 

that the obj«. be sea, «o the client computer via e,«trooic ma... Deuvery 

5 rel ative.y less time to transmit across me— As an alternative to nerwork 
delivery, the object may be acquired ton a CD-ROM or other physKally 
parable median, THe object can be stored a, the Cien, computer, on a hard 
drive, for example, or on a transportable medium. 

Completion of an authorisation process is required in order to uniock, or 
,0 gain access to, the object Access to the object may be requested a, ft, = direction 
of a human user, or may be requested without human intervention, such as during 
^ution of a computer program or scrip, Once ft. authorization process has 
been completed successfully, an install process - initiated a, the client computer, 
wherein the objecfs unique coded key is copied to a location a, 
l5 .nstal, process also causes a machine identification code corresponding to the cue*. 
t0 be copies to a location a, the client. On the Microsoft Windows Operating 
System, the Regis*y f«e is used for storing the unique coded key and the maclune 
identification code. The instaUation process allows the object to be executed, or 
••published," locally, at that particular client computer, as opposed to occurring 
20 across a network, and "locks" the instaUed object to ft. particular machine. The 
object can be copied and is freely transmissable between computers, bu, the 

ill h, executed aeain if access is attempted at a different 
authorization process will be executeo again 

COn "' U,er ' When access to an object is requested initially a. a client computer, for 
25 example by a human user or by an automated computer scrip, the client computer 
conducts an access check The access check may comprise searching one or more 
designated system files a. the client computer for the unique key correspondmg 
the object and the machine identification code corresponding to the computer a. 
which the request occurred. If the access check reveals ftat the required files are 
30 present, then the object .s automatically decoded and executed. The files 
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containing ** - W- — - <°> M » * « OT,,0ray """^ "* T 
i. available for use. When ft. resource using the content has completed such use. 
me temporary direct is deleted and the object is encrypted The content can be 
reaccessed and reused a. that particutor computer as many times as me user or 

5 resource desires. 

If the access check fails, then an external authorization procedure ,s 

indented. Payment and/or use information is collected a, the cUen, computer at 
wh ich me access request occurred The payment/use information can be tnput by 
human user, or can be automatically coUected by the resource based on existing, 
,0 stored information. Payment information may be required if - P— » « 
supplier of the object requires such payment for execution of the object (,,. the 
object is being sold or bcensed to me user). Alternative., or i, addition to 
payment information, use information may be required, such as enm.oymen,-re.*ed 
la, educational information, family information, or any other information wh,ch a 
15 content producer or suppUer wishes to consider in regulating access to the object. 
The payment/use information is transmitted from the chen, to a payment server, 
using a communications link such as the Internet. 

The payment server directs me external authorization procedure, based 
on the payment/use information received. The payment server first may process, a, 
20 a ■•preprocessing" sttge, the payment/usc information. During preprocessmg, the 
payment server may search the information for payment information m correct 
format, such as valid credit card number (i.e. proper number of dtgns) and 
expiration date. Alternatively, if only "use" information is required for accessing 
me object, the payment server may search for the required "use" information. For 
25 example, a magazine may requrre that users tndicate they are a student at an 

accredited U.S. .aw schoo. in order to gain access to an object representing a ega. 
magazine. The payment server will scan the information received from the chen 
to such indication of law school, and if found, wi., tiansmi. a message back to the 
client initiating an installation procedure as discussed later herem. 
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tt payment information is reared, and preprocessing reveals proper 
formal men select portions of the payment information are transmuted v» a 
communicauons Unk » an authorization cenw for account verification. The 
aumorizauon center may be. for exampie, a credit card authorizanon center In Uns 
5 exampie. the payment server transmits the credit card number, expiation date, ar.d 

verifies or rejects me ration based on the funds avaiiabie in me account 
ft. amount of the reouesfcd pr^nase. .ft. purchase is verified, the authon^on 
center deducts me appropriate amount from the account and sends a message to me 
,0 payment server indict verification. If me purchase ,s r.ected, fte auction 
cTer sends a message , ft. payment server mdicaung rejecnon. A ded-cated 
^ re .ay network may comprise me communications link between the payment 
server and the authorization center. 

Upon receivng a message from the authorization center md.cating Cher 
, 5 acceptance or rejection of the transaction, the payment server transmits a "mken" 
b J,„ the chen. compute, The token is a f,.e indicate whether me tiansacti^ 
has been approved; i.e. whefter the object shoutd be insui.ed and access grame* 
U the token indicates approval ft. token causes the chen, computer to execute the 
inaa U process discussed prevousiy. wherein, for examp.e, a unique cod* key 
20 correspond^ to the object >s mstaiied a, the chen, aiong with the chen, machme 
identification code. The objec, is men auomaucaHy pub.ished. and access ,s 
avaiiabie .hereafter (without retiring further paymen, or use informauon) 
according to the access check described herein. If the token ind.ca,es rejection, me 
ina an process win no, be iniua,ed and access is demed. The ,oken may con.au, 

dispiay a message based on this addition* information, for the benefit of a human 



user. 



The token, as well as the access check and me insta.1 process, ,s 
uansparen. and inaccessib.e to me resource requesting access. The "resource" 
30 seeking access to the objec. may be a human user, a computer program, or a 
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ca**** thereof. The requesting resource, to the extent feasible, is prevented 
from copying the token or copying the mstiuled unique coded key so as «o enable 
access without the required payment or other authorization a. other chen. 

computers. 

5 Atmough the token and the unique coded key are no. mean, to be coped 

from one computer ,0 another, me object Hf may be copied or delivered to other 
computers or media. If access to ft. object then is requested at another computer, 
the access check again wiU be implemented, and payment or use informal w.1. 
be required for access if not already supplied at that particular computer. 
10 Advantages of the digital content access regulating techniques desenbed 

here may include one or more of the following. 

By providing mechanisms for selectively granting access to dtgrtal 
content, the meftods and techniques described here provide a practicai and effic.cn. 
way for producers or other authorized suppliers of such content to deliver and/or 
,5 sell directly to their customers, without the need for physical producuon, a 

dilution chain, or third-party sales intermediaries. These mechanisms authonze 
m d complete a purchase of digital content by baling or debiting the appropnate 
financal accoum, activating or unlocking the object embodying the content that 
was purchased, and storing authorization information a. the buyer's computer so 
20 mat the content can be accessed at that particular computer on an ongonrg basrs 
once it has been purchased. Whi.e transfer of the object to a different computer ,s 
allowed, unregulated access .o us content at the different computer is prevented. 
Thus, the mechanisms protect me economic interests of content supphers by 
preventing who«esale copying and dismbution of unlocked, potentially valuable 

25 digital content. . 

The mechanisms described here also protect the buyer's confident^ 

payment information, occur in real-time so as to gran, the buyer quick and easy 

access <o fte object as soon as he purchases it, and utinze existing financal 

indents, such as credit cards, debit cards, or demand deposit account 
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The mechanisms described here also allow a customer to enjoy the 
^vantages of a digital product without the dCays and h^nvetuences 

continuously retrieving files over , umited bandwidth pubUc sw**hed 
network. The product is aored a. the customer's computer in compressed and 
5 encrypted form, until the time a, which the customer desires to vew or use 

Trne customer's computer, and me customer can view or use the product wtthou, 
m e need for network access. The mechanisms therefore make accessmg large 
l0 digital fi.es, incmding multimedia document or movies, much more convement 
and enjoyable to the user 

Additional security can be provided by encrypting, m addmon to the 
ob] ec< itself, me files contain* g me content. Such additional encryption can be 
demented usmg, for example, the B.owfish algorithm. When *e o bj ect , 
15 exited (decompressed and decrypt* with the fi,es containing the 

to a temporary subdirectory), these files containing me content may be decrypted 
1 1 fly ■ - a continuous da. .ream, as me product is executed. This ptovdes 
protection against unauthorized copying of me decrypted files containing the 
content, during execution of the object. 
M A customer may obtain an object in any of several convement and 

efficient ways, and the object may be copied and transm,,. ed to others whoafco 
may w,sh to purchase or pro^ly access the content contamed mere., 
^ for example, can be used to dehver the object to the customer s ~ 
mailbox. Allowing eiectronic mail to be used for delivery ofpackaged conton, * 
25 customer provides the benefit of extendmg the functionaUty of a 

rework which ts aready extsten, and avaiiabl. to a wide number of potent^ 
customer, It provides the additional benefit of no, raring me user to morutor 
,he delivery process or maintain a network connection during delwery. 
dehvery of vanous digual products to the user's electron, mailbox could be 
30 automated to occur a, regu.ar mtervals, thereby ehminating the hassle of a user 
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having to request each and every day the delivery of, for example, the daily 

newspaper in digital form. 

The systems and techniques described here also enable the coordinated 

execution, or -publishing," of the files comprising the object. Such coordtoed 

5 execution provides benefits to the user-for example, the direct publication of a 

Web site completely on the customer's client computer, without requiring mpu. or 

Prions from the user. The sy^em uses common, existing applications such as 

browsers and viewers to execute files and pubhsh digital content, thus reducmg the 

need for the user to purchase or acquire additional applications for the use of 

10 digital content. 

Other advantages and features will become apparent from the followmg 

description, including the drawings and claims. 

rw-ri ptinn of the Drawings 
Fig. 1 is a block diagram illustrating components of a sales and payment 

15 authorization system. 

Fig 2 is a browser display of a Web page of a popular newspaper, with 

content similar to the ^aditional printed version, available for reading online. 

Fig. 3 is a movie displayed using the Quicktime browser plug-m 

application, available for viewing online. 
20 Fig. 4 is an example of an "electronic magazme rack," displaymg objects 

wtuch can be delivered via a network and activated and viewed. 

Fig. 5 is a flow chart illustrating a check coded key, or "access check, 

function. . 

Fig. 6 is an example of the mitial interface, representing an electronic 

25 package," of an object to which access may be granted. 

Figs. 7A and 7B depict a flow chart of a payment and installation 

process. 

Fig. 8 is a solicitation form presented to the user when, for example, the 
check coded key function of Fig. 6 fails to confirm access to the object. 
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Fig. 9 is a "Ready For Use" message which may be presented to the user 
upon completion of the payment and installation process of Fig. 8. 

Fig 10 is an example of an activated and published object: a digital 
newspaper made up of HTML files and displayed by a browser application. 
5 Fig. 1 1 is a file structure listing for the object of Fig. 10, illustrating 

client storage of the files constituting the object 

Fig. 12 is another example of an activated and published object: a digital 
novel stored as a PDF file and displayed by a viewer application. 

rvtailed Description 

0 Fig 1 shows a network sales and payment authorization system 2. The 

syaem utilizes a network 4, such as the public switched network, which allows 
remote computers to communicate with one another. For example, the Interne, and 
the hypertext software protocol of the World W.de Web may be used for tins 
purpose. Hypertext Markup Language (HTML) files residing a. server computers 
,5 may be accessed and viewed by remote client computers with browser software, vta 
the Interne, and the Hypertext Transfer Protocol (HTTP) for requesting and 
receiving files. HTML files can contain or refer to any type of dtgrtal data, 
^eluding multimedia documents with text aud.o, video. 3-D, and animation, and 
can launch executable programs. An HTML file is identified by a Utuform 
20 Resource Locattr (URL) pinpointing the file's location, and a client can request 
that the appropriate server deliver a particular file to it by specifymg the correct 
URL. 

Digital products may be displayed and available for purchase at a 
merchant computer .2, which is a server connected .0 the network 4. The digital 
25 products may be encrypted ,n order to protect agams. unauthorized access, and may 
be compressed to facilitate efficient delivery and storage. Customers may 
download the products from the merchant computer 12 to any of a plurahty of 
client computers 6, 8, 10 which also are connected to the network 4. Customers 
.nay use a personal home computer connected to the Internet via a modem and 
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telephone line a, client computer 6- As an alternative to evading the product, 
earners can request that .he product be emailed to them, or can copy the product 
from a computer-readable physical medium such as a diskette or CD-ROM. 

A payment computer or server 14 is connected to the network 4 for 
5 processing payment for ****** -ess to an object Payment compute .4 
is connected to financial aumorizauon body 16 via a teleconumunoauons hnk 15. 
for example, a dedicated frame relay network. 

Fig 2 illustrates one format for viewing digital content F.g. 2 shows a 
Web page 20. comprised of HTML files, which is par. of the Web site of a popular 
,0 newspaper. The Web page 20 represents the "front page" of an electron* vers,„n 
of the newspaper. The Web page 20 is locaed a, URL 22, and inCudes text and 
graphics, as we« as hypertext links 24, 26 to internal pages of the Web sue, 
logons to interna, pages of a traditional printed newspaper. The Web page 20 
« be viewed with an Interne, browse, such as the Netscape Navigator browser 
,5 depicted in Fig. 2. When the user se.ects a hypertext .ink 24, 26 the browser w.1. 
request from the Web site server the HTML fde a. the correspondmg URL, and 

will display this file. 

As can be seen in Fig. 3, content available for browsing in real-tune on 

toe Web is no, limited to text and graphics, but also may include moves and 
20 sound. The move 30 shown in Fig. 3 ,s a file located at URL 32, which has been 
downloaded from the server <o the chent. The browser, along with any necessary 
helper apphcations or p.ugins, delays the move in browser window 28 where ,. ,s 

now ready to play. 

Multimedia files such as those depicted in Figs. 2 and 3 may requrre 
25 significant time to download from the server on which they reside, due to the large 
siK of the files and the limited bandwidth of me network over which they must be 
sent Thus, browsing the Web in reaMime for viewing of digita. content such as 
newspapers and movies may no, be desirab.e or practical for many users. An 
alternative method is to package the content m a compressed, encrypted, 
30 se.f-ex.rac.ing forma, and dehver i. » the user's computer, and after the user has 
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paid for the object, to allow access to the content at the user's computer. Figs. 4- 
12 and the corresponding description describe such packaging, delivery, payment 
and selected access to digital content 

Fig. 4 depicts an example of digital content available at an electronic 

5 magazine rack 39. Digital content is embodied in objects, which are compressed, 
encrypted, executable, and/or self-extracting files. Objects contain strings of digital 
data which when decompressed and decoded are automatically reconstituted as 
distinct file types understood and controlled by the computer operating system. 
These files are digital representations of virtually any data type supported by the 

10 operating system, including text, pictures, executable computer programs, music, 
movies, voice, or any other type of digital data. This digital data constitutes the 
information or content embodied in the object. Objects embodying such digital 
data or content may be referred to as media objects, and media objects which are 
exchanged or delivered in electronic commerce may be referred to as commerce 

15 media objects. 

Objects available at magazine rack 39 include magazines 40 and 42. 
The user can select the object desired, and can have it delivered electronically, such 
as by email or using File Transfer Protocol (FTP). The user then can pay for the 
object at a later time, and thereafter can browse or execute the product at his 

20 leisure, in real-time at his own client computer, without the need for maintaining a 
network connection or for downloading files repeatedly from a remote server via 
the network. After the usct has paid for the object and is done viewing or 
executing it, the object is stored at the user's client computer in encrypted, 
compressed form until the user again requests to view or execute the object. 

25 Fig. 5 is a flow chart illustrating a procedure initiated at a client 

computer when a user requests to view or execute an object. Fig. 6 shows the 
initial interface or packaging of object 90, in this example a digital magazine. A 
user indicates a request to access object 90 by clicking on doors 92 or 94, or 
selecting an "open" command from the file menu. This access request is shown as 

30 step 50 in Fig. 5. At step 52, the client computer on which the object is stored 
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searches an operating system file for a unique coded key corresponding to the 
object 90. Every unique object has a unique coded key (which also may be 
referred to simply as a "key" or "cookie'') which acts as a key for accessing the 
object When the object is paid for and installed, the unique coded key is written 
5 to an operating system file at the computer on which it is installed. If the 
operating system is the Microsoft Windows Operating System, for example, this 
system file is the Windows Registry file. Thus, in step 50, if the object 90 already 
has been properly paid for and installed on the client computer using the Windows 
OS, the unique coded key corresponding to object 90 will be found in the Registry 
10 file. If the unique coded key is not found, the payment and installation process 
begins at step 54, further illustrated in Figs. 7A and 7B. If in fact the unique 
coded key is found, then at step 56 the client computer attempts to match its 
machine ID with a machine ID recorded in the Registry. In addition to recording 
the unique coded key in the Registry file, a machine ID was recorded in the 
15 Registry file when an object was first paid for and installed, in order to lock the 
installation to a particular machine. This prevents a user from purchasing one 
object and sending functional copies to others. If a machine ID match is not 
found, then the payment and installation process is initiated at step 54. If the 
correct Machine ID is found, then this indicates prior payment for the object and 
20 access should be granted. In that case, the object is decompressed, decoded, and 
displayed or executed (or, "published") at step 58, and thus becomes ready for use 

or viewing by the user. 

Figs. 7A and 7B are a flow chart illustrating the payment and 
installation process that may be performed when the coded key check process of 

25 Fig. 5 reveals that proper payment or other authorization has not yet been received 
in order to access the object at that particular computer. According to the process 
of Figs. 7A and 7B, the client computer at step 70 first displays a solicitation form, 
an example of which is shown in Fig. 8. The solicitation form 100 is stored as 
part of the object, and allows the user to enter payment information or "use 

30 information" for the object. Payment information is the data used to validate and 
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debit credit cards, or other means of electronic payment such as use of Electronic 
Funds Transfer (EFT) or electronic cash ("ecash") accounts. Use information is 
data used to control, for example, circulation materials such as industry and trade 
publications, which require the recipient to provide employment data in order to 
5 have a "no charge" edition of the publication. The mechanisms described herein 
can regulate access to digital content based on payment information, use 
information, or both. In the example of Fig. 8, the solicitation form has query 
boxes 104, 106, 108, and 110 for entry of credit card account information. The 
solicitation box corresponding to a different object could present different or 
10 additional spaces for entering other information. 

Payment/use information is entered by the user at step 72 of Fig. 7A, 
and is held in solicitation form data files at the user's (client) computer. The user 
initiates submission of the data by activating the submit control, represented as the 
Submit Now button 102 in the interface of Fig. 8. Activating the submit control 
15 causes the client computer to set up a communications channel, for example, a 
socket connection. The socket initiates a TCP/IP connection over the public 
switched network (i.e. an Internet connection) between the client and a payment 
server computer. When the socket connection has been established, the 
payment/use data is transmitted at step 74 from the client to the payment server via 
20 the public switched network, through the socket connection. 

At the payment server, the payment/use data is loaded into an "Open 
Data" file for preprocessing 76. Controlled use data information is validated or 
rejected at the payment server during preprocessing, based on previously 
established criteria relating to the particular object. Payment information is 
25 checked for a valid account format, for example, an existing credit card type and 
the correct number of digits, and valid expiration date. If the payment/use data is 
rejected during preprocessing, the data representing the invalid attempt is stored at 
step 78, and a rejection code is transmitted at step 80 to the client computer. The 
rejection code is a 128-bit string containing information indicating the reasons for 
30 the rejection. In this string, the first bit indicates rejection of the transaction, and 
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the following bits contain specific information as to the deficiencies. The code is 
displayed as a rejection message 82 at the client computer, and the user has the 
opportunity to reenter the payment/use information 72. After three successive 
failures, the socket connection is terminated. 
5 If the payment/use information is validated at the preprocessing stage, 

then it is copied from the "Open Data" file to a "Transmit and Authorize" file, and 
transmitted to an authorization center, such as a bank or credit card authorization 
center, at step 84 for account verification and authorization 86. A dedicated frame 
relay network can be used to connect the payment server to the authorization 
10 center, for communications therebetween. Alternatively, verifications and 

authorization can be performed using a public network. If the account information 
is authorized and the transaction approved by the authorization center, the 
appropriate account is billed or debited 88 and an authorization code is transmitted 
to the payment server at step 90, the authorization code indicating acceptance and 
15 authorization. If the transaction is rejected, due to insufficient funds in the 

account, for example, an authorization code is transmitted to the payment server at 
step 92, the authorization code indicating rejection of the transaction. 

Upon receiving an authorization code from the authorization center, the 
payment server stores the payment/use information that had been submitted, along 
20 with the authorization code at step 94, in an "Accept and Reject" file. The 
payment server then processes the authorization code, to determine whether the 
transaction has been accepted or rejected 96. If rejected, the invalid attempt is 
stored 78 and a 128 bit rejection message is transmitted to the client at step 80, and 
displayed at the client at step 82, whereupon the user can again enter payment/use 
25 information 72 and resubmit the data 74. The rejection message may indicate, for 
example, invalid name, address, or insufficient account balance. If the check 
authorization code step 96 reveals acceptance of the transaction, the payment server 
initiates an install process at the client. At step 97, the payment computer transmits 
to the client an acceptance message or "token," which indicates that payment or 
30 approval for use has been authorized. In Fig. 7B, the acceptance message is a 128- 
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bit message wherein the first bit signifies acceptance and the following 127 bits are 
"dummy" bits utilized for conveying information only when a rejection has 
occurred. The acceptance message can be made transparent to a user of the client 
computer. 'Transparent," as used herein, means that the file (or "message," 
5 "token," "key," or "cookie") to the extent feasible is hidden or is not revealed to a 
user, so as to protect against interception, copying, reuse, or other manipulation by 
the computer seeking access to the content. If the transaction is rejected, the 
payment computer will transmit a rejection message, in Fig. 7B, the rejection 
message is a 128-bit message wherein the first bit signifies rejection to the client 
10 computer, and the following 127 bits contain information as to the reasons for the 
rejection. 

An acceptance message causes the client to find the unique coded key 
associated with the object 90, and copy it to a system file, such as the Windows 
Registry, shown at step 98. The unique coded key is a numeric output of a 
15 mathematical algorithm, which is part of the parsed data string constituting the 
object 90, along with the solicitation form 100 and other necessary files. The 
unique coded key is encrypted in order to mask its identity and prevent 
unauthorized copying. In addition to storing the unique coded key in the Registry, 
the client also stores a machine identification code in the Registry at step 98, in 
20 order to lock the installation of the object to one particular machine. The object 
thereafter may be copied or transmitted to other client computers but will not be 
accessible at the other client computers until properly authorized and installed on 
those computers. 

Upon storing the unique coded key and machine ID, the client 
25 decompresses, decodes, and executes, or "publishes," the object at step 99. 
Alternatively, a "Ready For Use" window 120, shown in Fig. 9, may first be 
displayed to the user upon installation, specifically notifying the user that the 
transaction has been approved and the object successfully installed. Up until this 
point, the transaction had been transparent to the user. When the object is 
30 executed, the files within the object are copied to a subdirectory of a temporary 



WO 99/60458 



PCT/US99/10686 



- 18- 

folder, and each time the object is closed, the files in the subdirectory are deleted. 
Once a particular object has been authorized and installed, the client may reopen 
and display or execute the object as many times as desired. 

Additional security may be provided by the content producer or 
5 authorized distributor by utilizing an encryption algorithm to encrypt the files 
containing the content (in addition to encrypting the object itself) which are copied 
to the subdirectory upon decryption and execution of the object. The Blowfish 
algorithm may be used for encrypting the files containing the content. See B. 
Schneier, Fast Software Encryption 191-204 (Springer-Verlag, 1994), incorporated 
10 herein by reference. Thus, two levels of encryption can be utilized. For example, 
a digital newspaper may consist of multiple HTML files. The producer may 
encrypt the individual HTML files using Blowfish; the Blowfish-encrypted files 
may be packaged along with the application necessary for viewing the files (in the 
case of HTML files, a browser), a Dynamic Link Library (DLL) for use with the 
15 application, and the unique coded key, to comprise the object. The object, of 
course, is itself compressed and encrypted. When the object is accessed 
successfully and executed, the Blowfish-encrypted files are copied to the temporary 
subdirectory, the application and DLL packaged as part of the object is utilized for 
viewing or executing the files, with the files being encrypted "on-the-fly" as needed 
20 for viewing or using the object. This extra encryption step prevents, for example, 
locating and copying complete, decoded files containing the digital content during 
execution of the object. 

Fig. 10 shows an example of an object that has been authorized and 
opened. The content 122 is a digital newspaper, consisting of HTML files, which 
25 has been published using a browser application at the client. As shown in Fig. 11, 
the files constituting the object are stored in a temporary subdirectory of the client 
computer's hard drive (e.g. the c:\ drive) and thus no network connection is 
necessary to browse the contents. Objects can assume a variety of different file 
formats; if the client has a proper application for opening the particular file format, 
30 the object will be published and displayed at the client. Fig. 12, for example, 
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shows an object in the PDF file format, a novel, published at the client using a 
viewer application. Other formats can be authorized, installed, and published, such 
as AVI and MPEG (movies), WAV (sound), or JPEG (graphics),. 

The techniques and mechanisms described here were implemented on 
5 the Microsoft Windows Operating System using the C++ programming language. 
They are not limited to any particular hardware or software configuration, but 
rather they may find applicability in any computing environment in which 
electronic products may be ordered, delivered, and paid for electronically. These 
techniques and mechanisms may be implemented in hardware or software, or a 
10 combination of the two. Preferably, implementation is achieved with computer 
programs executing on programmable computers that each include a processor, a 
storage medium readable by the processor, including volatile and non-volatile 
memory and/or storage elements, and suitable input and output devices. Program 
code is applied to data entered using the input device to perform the functions 
15 described and to generate output information. The output information is applied to 
one or more output devices. 

Each program is preferably implemented in a high level procedural or 
object oriented programming language to communicate with a computer system. 
However, the programs can be implemented in assembly or machine language, if 
20 desired. In any case, the language may be a compiled or interpreted language. 

Each such computer program is preferably stored on a storage medium 
or device (e.g., CD-ROM, hard disk or magnetic diskette) that is readable by a 
general or special purpose programmable computer for configuring and operating 
the computer when the storage medium or device is read by the computer to 
25 perform the procedures described in this document. The system also may be 

implemented as a computer-readable storage medium, configured with a computer 
program, where the storage medium so configured causes a computer to operate in 
a specific and predefined maimer. 
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What is claimed is: 

1. A computer-implemented method of regulating access to digital 

content, the method comprising: 

requesting permission from an external source for a resource to access 

5 the digital content; 

receiving from the external source a token that is transparent to the 

resource; and 

selectively granting the resource access to the digital content based on 
the received token. 

10 2. The method of claim 1, wherein requesting the permission, 

receiving the token, and selectively granting the resource access are performed on a 
client. 

3. The method of claim 2, wherein the token on which selectively 
granting access is based is not transferable to another client. 

!5 4. The method of claim 2, the method further comprising executing 

an installation process at the client based on the token received. 

5. The method of claim 4, wherein the installation process includes 
installing at the client computer a unique coded key corresponding to the digital 
content. 

20 6. The method of claim 5, wherein the installation process includes 

installing at the client a machine identification code identifying the client on which 
the installation process is executed. 



WO 99/60458 



PCT/US99/10686 



-21- 

7. The method of claim 5, wherein selectively granting the resource 
access is based on finding the installed key and the installed machine identification 
code. 

8. The method of claim 1, wherein the token is inaccessible to the 

5 resource. 

9. The method of claim 1, wherein the external source is a server. 

10. The method of claim 9, wherein the permission is requested via a 
public switched network and the token is received via the public switched network. 

i 1 . The method of claim 10, the method further comprising 
10 establishing a socket connection with the server computer for requesting the 
permission and receiving the token via the public switched network. 

12. The method of claim 1, wherein the resource is a human 
initiating a computer operation. 

13. The method of claim 1, wherein the resource is a computer 

15 program. 

14. The method of claim 1, wherein requesting the permission from 
the external source initiates an authorization procedure, and the token received is 
based on a result of the authorization procedure. 



15. The method of claim 14, wherein the authorization procedure is 
20 executed in real-time. 
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16. The method of claim 14, wherein the token is a data string 
containing a code indicating whether permission is granted. 

17. The method of claim 14, wherein requesting the permission from 
the external source includes transmitting payment information to the external 

5 source. 

18. The method of claim 17, wherein the payment information 
includes a credit card number. 

19. The method of claim 1 7, wherein the authorization procedure 

comprises: 

10 tiarismitting payment data based on the payment information to a 

payment authorization center, 

processing the payment data at the payment authorization center; and 
trarisrnitting an authorization code from the payment authorization center 
to the external source based on the processing of the payment information. 

!5 20. The method of claim 19, wherein the payment data and the 

authorization code are transmitted via a dedicated frame relay network. 

21. The method of claim 14, wherein the authorization procedure 

comprises: 

processing use information received from a client; 
20 searching the use information for a predefined parameter; and 

transmitting the token to the client based on a result of the search. 

22. The method of claim 1, the method further comprising executing 
an access check upon a request to access the digital content, the access check 
comprising: 
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checking a data file for a key indicating approval to access the digital 
content; and 

initiating the request for permission from an external source if the key 
indicating approval is not found 

5 23. A computer-implemented method for selectively granting access 

to an encrypted object, the method comprising: 

executing an access check at a client based on a request to access the 

object; 

initiating an authorization procedure at an external source based on a 

10 result of the access check; 

based on a result of the authorization procedure, executing an 
installation procedure to install at the client a key corresponding to the object; and 
decrypting the object when access to the object is requested at the client. 

24. The method of claim 23, wherein the encrypted object includes 
15 digital content, a copy of the key corresponding to the object, and an authorization 

form for collecting authorization information. 

25. The method of claim 23, wherein the object includes a file 
comprising digital content, and decrypting the object initiates copying of the file 
comprising the digital content to a temporary location at the client. 

20 26. The method of claim 25, the method further comprising 

reencrypting the object and removing the file comprising the digital content from 
the temporary location at the client based on a request to close the object. 



27. The method of claim 26, wherein the object is stored in 
encrypted format at the client until another request to access the object occurs. 
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28. The method of claim 23, wherein the object is transferable to 
another client and the installed key corresponding to the object is not transferable 
to another client. 

29. The method of claim 23, wherein the object includes a file 

5 comprising digital content, decrypting the object allows use of the digital content, 
and the file comprising the digital content is protected from copying while the 
digital content is being used. 

30. The method of claim 29, wherein the file comprising digital 
content is encrypted, decrypting the object causes the encrypted file comprising 

10 digital content to be copied to a temporary location at the client, and use of the 
digital content is enabled by decrypting the file comprising digital content as a 
continuous data stream in real-time. 

31. The method of claim 30, wherein the file comprising digital 
content is encrypted using Blowfish. 

15 32. The method of claim 23, the method further comprising: 

requesting the object from a merchant server via a public switched 

network; 

receiving the object from the merchant server via the public switched 
network; and 
20 storing the object at the client. 

33. The method of claim 32, wherein the object is received as an 
electronic mail attachment. 
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34. The method of claim 23, wherein the access check comprises 
checking the chent for the key corresponding to the object and checking the client 
for a machine identification code. 

35. A computer-implemented method of regulating access to 
5 protected digital content at a client, the method comprising: 

requesting permission from a server for a resource to access the 
protected digital content; 

receiving from the server a token that is transparent to the resource; 
based on the token received, selectively installing at the client a key 
10 corresponding to the protected digital content; 

granting the resource access at the client to the digital content based on 

the installed key. 

36. The method of claim 35, wherein the digital content is contained 
15 in a file that is part of a locked, compressed object. 

37. The method of claim 36, wherein the digital content is reusable 
at the client and the locked, compressed object is transferable to another client. 

38. The method of claim 36, wherein granting the resource access to 
the digital content comprises decoding and decompressing the object, creating a 

20 temporary copy of the file containing the digital content at a location at the client, 
and upon notification that the resource is finished accessing the digital content 
deleting the temporary copy of the file containing the digital content, and 
encrypting and compressing the object. 

39. The method of claim 35, wherein the transparent token is 
25 inaccessible to the resource. 
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40. A system for selectively granting access to a locked object, the 

system comprising: 

a client for executing an access check upon a request for a resource to 
access the locked object; for transmitting access information if the access check 
5 fails to authorize access to the locked object; for receiving a token that is 
transparent to the resource requesting access; and for executing an installation 
procedure based on the received token; 

a server for receiving access information transmitted by the client; for 
processing the access information; for transmitting authorization information based 
10 on the access information; for receiving an authorization code; and for transmitting 
the token to the client based on the authorization code received; and 

an authorization center for receiving the authorization information 
transmitted by the server, for confirming the authorization information; and for 
transmitting the authorization code to the server. 

15 4i The system of claim 40, wherein the access information 

comprises use information. 

42. The system of claim 40, wherein the access information 
comprises payment information. 

43. The system of claim 42, wherein the payment information 
20 includes a credit card number. 

44. The system of claim 40, the system further comprising a public 
switched network for transmitting the access information and the token. 
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45. The system of claim 44, wherein a secure socket connection is 
established between the client and the server for transmitting the access information 
and the token via the public switched network. 

46. The system of claim 45, wherein the secure socket connection is 
5 opened before transmitting the access information and the secure socket connection 

is closed after receiving the token. 

47. The system of claim 40, the system further comprising a frame 
relay network for transmitting the authorization information and the authorization 
code. 

10 48. The system of claim 40, wherein the resource is a computer 

process. 

49. The system of claim 40, wherein the locked object comprises 
digital content and an associated key, and the installation procedure comprises 
writing the associated key to a location at the client. 

15 50. The system of claim 49, wherein the installation procedure 

further comprises writing machine identification data to a location at the client, the 
machine identification data enabling access to the digital content at the client. 

51. The system of claim 50, wherein the associated key and the 
machine identification data are written to the registry file on a Windows operating 

20 system. 

52. The system of claim 49, wherein the access check comprises 
checking the client for the associated key and the machine identification data. 
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53. The system of claim 40, the system further comprising a 
merchant server for receiving requests electronically for delivery of the object; and 
for delivering the object electronically. 

54. The system of claim 53, wherein the object is requested and the 
5 object is delivered via a public switched network. 

55. The system of claim 53, wherein the object is requested via the 
Internet and the object is delivered in compressed format via the Internet 

56. The system of claim 53, wherein the object is delivered in 
compressed format using electronic mail. 

10 57. The system of claim 40, wherein the object is obtained from a 

CD-ROM. 
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